NVD

Id
1676  
Name
CVE-2008-1736  
Description
Comodo Firewall Pro before 3.0 does not properly validate certain parameters to hooked System Service Descriptor Table (SSDT) functions, which allows local users to cause a denial of service (system crash) via (1) a crafted OBJECT_ATTRIBUTES structure in a call to the NtDeleteFile function, which leads to improper validation of a ZwQueryObject result; and unspecified calls to the (2) NtCreateFile and (3) NtSetThreadContext functions, different vectors than CVE-2007-0709.  
Reject
 
CVSS Version
2  
CVSS Score
7.2  
Severity
High  
CVSS Base Score
7.2  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-03  
Published
2008-04-29  
Modified Date
2011-03-07  
Seq
2008-1736  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
10883 1676 CVE-2008-1736 3838  View
10884 1676 CVE-2008-1736 1019944  View
10885 1676 CVE-2008-1736 http://www.coresecurity.com/?action=item&id=2249  View
10886 1676 CVE-2008-1736 http://www.personalfirewall.comodo.com/release_notes.html  View
10887 1676 CVE-2008-1736 20080428 CORE-2008-0320 - Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls  View
10888 1676 CVE-2008-1736 28742  View
10889 1676 CVE-2008-1736 ADV-2008-1383  View
10890 1676 CVE-2008-1736 comodo-ssdt-dos(42082)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
47625 JVNDB-2008-002935 Comodo Firewall Pro におけるサービス運用妨害 (DoS) の脆弱性 Comodo Firewall Pro は、System Service Descriptor Table (SSDT) 関数にフックする特定のパラメータを検証しないため、サービス運用妨害 (システムクラッシュ) 状態となる脆弱性が存在します。 CVE-2008-1736 31849 CVE-2008-1736 1676 7.2 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002935.html 2008-04-29 2012-06-26 View